McAfee - security giant's data lost

Friday, 24 February 2006, 7:03 PM EST

McAfee, the Santa Clara security software company, has lost the personal information of thousands of its employees due to a lapse by an external auditor.

The auditor, an employee of Deloitte & Touche, left an unencrypted CD containing the employee information in an airline seat pocket on Dec. 15. The disc included the names, social security numbers and McAfee stock holdings for more than 9,000 employees, according to McAfee spokeswoman Siobhan MacDermott.

Spotlight

35 percent of employees would sell information on company patents, financial records and customer credit card details if the price was right. This illustrates the growing importance for organizations to deploy data loss prevention strategies.

Sun Tzu's writings have been studied throughout the ages by professional militaries and can used to not only answer the question of whether or not we are in a cyberwar, but how one can fight a cyber-battle.

Infosec consultant Paul Moore came up with a working solution to thwart a type of behavioral profiling. The result is a Chrome extension called Keyboard Privacy, which prevents profiling of users by the way they type by randomizing the rate at which characters reach the DOM.

There is still way too much apathy when it comes to data-centric security. Given the sensitive data the OPM was tasked with protecting, it should have had state-of-the-art data protection, but instead it has become the poster child for IT security neglect.